Reorder commit object fields and create separate non-indexmap signing…

… function

rsky-pds/src/apis/com/atproto/sync/subscribe_repos.rs

@@ -165,7 +165,6 @@ pub async fn subscribe_repos<'a>(
                                 }).collect::<Vec<SubscribeReposCommitOperation>>(),
                                 blobs: blobs.into_iter().map(|blob| blob.to_string()).collect::<Vec<String>>(),
                             };
-                            println!("@LOG: com.atproto.sync.subscribeRepos #commit event: {subscribe_commit_evt:?}");
                             let message_frame = MessageFrame::new(subscribe_commit_evt, Some(MessageFrameOpts { r#type: Some(format!("#{0}",r#type)) }));
                             let binary = match message_frame.to_bytes() {
                                 Ok(binary) => binary,

rsky-pds/src/common/sign.rs

@@ -24,3 +24,17 @@ pub fn atproto_sign<T: Serialize>(obj: &T, key: &SecretKey) -> Result<[u8; 64]>
     let normalized_compact_sig = sig.serialize_compact();
     Ok(normalized_compact_sig)
 }
+
+pub fn sign_without_indexmap<T: Serialize>(obj: &T, key: &SecretKey) -> Result<[u8; 64]> {
+    let unsigned_bytes = serde_ipld_dagcbor::to_vec(&obj)?;
+    // Hash dag_cbor to sha256
+    let hash = Sha256::digest(&*unsigned_bytes);
+    // Sign sha256 hash using private key
+    let message = Message::from_digest_slice(hash.as_ref())?;
+    let mut sig = key.sign_ecdsa(message);
+    // Convert to low-s
+    sig.normalize_s();
+    // ASN.1 encoded per decode_dss_signature
+    let normalized_compact_sig = sig.serialize_compact();
+    Ok(normalized_compact_sig)
+}

rsky-pds/src/repo/mod.rs

@@ -472,7 +472,6 @@ impl Repo {
         let data_cid: Cid = data.get_pointer()?;
         let diff = DataDiff::of(&mut data, None)?;
         new_blocks.add_map(diff.new_mst_blocks)?;
-
         let rev = Ticker::new().next(None);
         let commit = util::sign_commit(
             UnsignedCommit {

rsky-pds/src/repo/types.rs

@@ -9,33 +9,36 @@ use std::collections::BTreeMap;
 // Repo nodes
 // ---------------
 
+// IMPORTANT: Ordering of these fields must not be changed
 #[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
 pub struct UnsignedCommit {
     pub did: String,
-    pub version: u8, // Should be 3
+    pub rev: String,
+    pub data: Cid,
     // `prev` added for backwards compatibility with v2, no requirement of keeping around history
     pub prev: Option<Cid>,
-    pub data: Cid,
-    pub rev: String,
+    pub version: u8, // Should be 3
 }
 
+// IMPORTANT: Ordering of these fields must not be changed
 #[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
 pub struct Commit {
     pub did: String,
-    pub version: u8, // Should be 3
-    pub prev: Option<Cid>,
-    pub data: Cid,
     pub rev: String,
+    pub data: Cid,
+    pub prev: Option<Cid>,
+    pub version: u8, // Should be 3
     pub sig: Vec<u8>,
 }
 
+// IMPORTANT: Ordering of these fields must not be changed
 #[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
 pub struct LegacyV2Commit {
     pub did: String,
-    pub version: u8, // Should be 2
-    pub prev: Option<Cid>,
-    pub data: Cid,
     pub rev: Option<String>,
+    pub data: Cid,
+    pub prev: Option<Cid>,
+    pub version: u8, // Should be 2
     pub sig: Vec<u8>,
 }
 

rsky-pds/src/repo/util.rs

@@ -1,4 +1,4 @@
-use crate::common::sign::atproto_sign;
+use crate::common::sign::sign_without_indexmap;
 use crate::common::tid::Ticker;
 use crate::repo::types::{Commit, Lex, RecordPath, RepoRecord, UnsignedCommit, VersionedCommit};
 use crate::storage::Ipld;
@@ -11,7 +11,7 @@ use std::str::FromStr;
 use lexicon_cid::Cid;
 
 pub fn sign_commit(unsigned: UnsignedCommit, keypair: Keypair) -> Result<Commit> {
-    let commit_sig = atproto_sign(&unsigned, &keypair.secret_key())?;
+    let commit_sig = sign_without_indexmap(&unsigned, &keypair.secret_key())?;
     Ok(Commit {
         did: unsigned.did,
         version: unsigned.version,